I am using Django 1.6 to create a web app.. I have users and user profiles and have designed templates to display the profile information of the user.
class UserProfile(models.Model): class Meta: app_label = 'xyz' user = models.OneToOneField(User, related_name='user_profile') description = models.CharField(max_length=200) ... other fields ...
I have various edit buttons on the template where the user views his profile information. Also, a user can view another user's profile. In this case, the user should not be able to see the edit, delete or add buttons.
Are there in-built security mechanisms for this? What is the best way to implement this using Django 1.6?
Thanks in advance.